diff --git a/flask/forest/admin/forms.py b/flask/forest/admin/forms.py
deleted file mode 100644
index bb9de56..0000000
--- a/flask/forest/admin/forms.py
+++ /dev/null
@@ -1,34 +0,0 @@
-import string
-import random
-
-from .. import db
-from ..models import User, Role, Region
-
-from flask_wtf import FlaskForm, RecaptchaField
-from wtforms import StringField, PasswordField, BooleanField, SubmitField, SelectField, DecimalField
-from wtforms import validators, ValidationError
-from wtforms.fields import EmailField, DecimalRangeField
-
-class OrderForm(FlaskForm):
- cpu = DecimalRangeField('Processor Cores', default=2)
- memory = DecimalRangeField('Memory', default=512)
- storage = DecimalRangeField('Storage', default=20)
- alias = StringField('Machine Alias:', [validators.Regexp(message='ex.: myservice1.com, myservice2.local', regex='^[a-zA-Z0-9][a-zA-Z0-9-_]{0,61}[a-zA-Z0-9]{0,1}\.([a-zA-Z]{1,6}|[a-zA-Z0-9-]{1,30}\.[a-zA-Z]{2,3})$'), validators.Length(6,64)])
- submit = SubmitField('Create')
-
-class ChargeForm(FlaskForm):
- amount = DecimalField('Стойност:', [validators.DataRequired(), validators.NumberRange(min=1, max=500)])
- submit = SubmitField('Зареди')
-
-class Addr2PoolForm(FlaskForm):
- #regions = Region.query.all()
- #region_choices = []
- #for region in regions:
- # region_choices.expand((region.pid, str(region.description)))
- region_choices = [(1, 'Plovdiv, Bulgaria')]
- region = SelectField('Region', choices=region_choices, coerce=int)
- ip = StringField('IP Address:', [validators.DataRequired(), validators.Regexp(message='172.16.0.1', regex='^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$')])
- rdns = StringField('Reverse DNS:', [validators.Optional(), validators.Regexp(message='must be fqdn', regex='^[a-zA-Z0-9][a-zA-Z0-9-_]{0,61}[a-zA-Z0-9]{0,1}\.([a-zA-Z]{1,6}|[a-zA-Z0-9-]{1,30}\.[a-zA-Z]{2,3})$')])
- reserved = BooleanField('Reserved:')
- submit = SubmitField('Add IP')
-
diff --git a/flask/forest/admin/routes.py b/flask/forest/admin/routes.py index d12e167..1c02154 100644 --- a/flask/forest/admin/routes.py +++ b/flask/forest/admin/routes.py @@ -3,23 +3,16 @@ from flask_login import fresh_login_required, login_user, logout_user from flask_sqlalchemy import get_debug_queries from . import admin -from .forms import ChargeForm, Addr2PoolForm, OrderForm from .. import db from ..email import send_email -from ..models import User, Transaction, Order, Server, Deployment, Service, Region, Address, Domain, contact_proxmaster +from ..models import User, Item from ..decorators import admin_required, permission_required import base64 import string import random from datetime import datetime, timedelta, date, time -import ipaddress - -#@admin.before_app_request -#def before_request(): -# g.user = current_user -# print('current_user: %s, g.user: %s, leaving bef_req' % (current_user, g.user)) @admin.after_app_request def after_request(response): 
@@ -34,54 +27,6 @@ def after_request(response): def index(): return redirect(url_for('admin.list_users')) -@admin.route("/listorders", methods=['GET', 'POST']) -@fresh_login_required -@admin_required -def list_orders(): - NewOrders = Order.query.filter_by(status='new').order_by(Order.date_created.asc()).all() - AcceptedOrders = Order.query.filter_by(status='accepted').order_by(Order.date_created.asc()).all() - return render_template('admin/list_orders.html', neworders=NewOrders, oldorders=AcceptedOrders) - -@admin.route("/listdeployments", methods=['GET']) -@fresh_login_required -@admin_required -def list_deployments(): - AllDeploymentsProtected = Deployment.query.filter_by(deleted=False).order_by(Deployment.daysleft.asc()).all() - statuses = {} - for deploy in AllDeploymentsProtected: - data = { 'unit_id': int(deploy.machine_id), - 'type': 'kvm' } - try: - query = contact_proxmaster(data, 'status') - status = { int(deploy.machine_id): str(query['status']) } - statuses.update(status) - except: - pass - return render_template('admin/list_deployments.html', deployments=AllDeploymentsProtected, status=statuses) - -@admin.route("/listservices", methods=['GET']) -@fresh_login_required -@admin_required -def list_services(): - allservices = Service.query.filter_by(deleted=False).order_by(Service.daysleft.asc()).all() - return render_template('admin/list_services.html', services=allservices) - -@admin.route("/listdomains", methods=['GET']) -@fresh_login_required -@admin_required -def list_domains(): - alldomains = Domain.query.filter_by(deleted=False).order_by(Domain.daysleft.asc()).all() - return render_template('admin/list_domains.html', domains=alldomains) - -@admin.route("/listarchive", methods=['GET']) -@fresh_login_required -@admin_required -def list_archive(): - deployments = Deployment.query.filter_by(protected=False).order_by(Deployment.daysleft.asc()).all() - services = Service.query.filter_by(deleted=True).all() - domains = 
Domain.query.filter_by(deleted=True).all() - return render_template('admin/list_archive.html', deployments=deployments, services=services, domains=domains) - @admin.route("/listusers/", defaults={'page': 1}) @admin.route("/listusers/", methods=['GET']) @fresh_login_required 
@@ -90,93 +35,9 @@ def list_users(page): sqlquery = User.query.filter_by(active=True).order_by(User.last_seen.desc()).paginate(page, current_app.config['ITEMS_PER_PAGE'], error_out=False) return render_template('admin/list_users.html', users=sqlquery.items, page=page) -@admin.route("/charge/", methods=['GET', 'POST']) +@admin.route("/listitems", methods=['GET']) @fresh_login_required @admin_required -def charge(user_pid=0): - cuser = User.query.filter_by(pid=user_pid).first() - form = ChargeForm() - if form.validate_on_submit(): - transaction = Transaction(user_id=int(cuser.pid), description='Account charged by staff', value=float(form.amount.data)) - db.session.add(transaction) - db.session.commit() - - cuser.wallet += float(form.amount.data) - db.session.add(cuser) - db.session.commit() - return redirect(url_for('admin.list_users')) - return render_template('admin/charge.html', form=form, usr=cuser) - -@admin.route("/listaddresses", methods=['GET']) -@fresh_login_required -@admin_required -def list_addresses(): - alladdresses = Address.query.all() - alladdrlist = [] - for addr in alladdresses: - alladdrlist.append(addr.ip) - ipobjs = sorted(ipaddress.ip_address(addr) for addr in alladdrlist) - ipnrml = [] - for ipobj in ipobjs: - ipnrml.append(str(ipobj)) - alladdr = sorted(alladdresses, key=lambda o: ipnrml.index(o.ip)) - return render_template('admin/list_addresses.html', addresses=alladdr) - -@admin.route("/addr2pool", methods=['GET', 'POST']) -@fresh_login_required -@admin_required -def addr2pool(): - alladdrlist = [] - alladdr = Address.query.all() - for addr in alladdr: - alladdrlist.append(str(addr.ip)) - #current_app.logger.info('Current IP pool: {}'.format(alladdrlist)) - form = Addr2PoolForm() - if form.validate_on_submit(): - if form.ip.data in alladdrlist: - flash('IP address {} is already in the pool!'.format(form.ip.data)) - return redirect(url_for('admin.addr2pool')) - address = Address(ip=form.ip.data, rdns=form.rdns.data, 
region_id=form.region.data, enabled=True, reserved=form.reserved.data) - db.session.add(address) - db.session.commit() - flash('Address {} added to region {}'.format(form.ip.data, form.region.data)) - return redirect(url_for('admin.addr2pool')) - return render_template('admin/addr2pool.html', form=form, alladdresses=alladdrlist) - -@admin.route("/listservers", methods=['GET']) -@fresh_login_required -@admin_required -def list_servers(): - allservers = Server.query.all() - return render_template('admin/list_servers.html', servers=allservers) - -@admin.route("/listtransactions/", defaults={'page': 1}) -@admin.route("/listtransactions/", methods=['GET']) -@fresh_login_required -@admin_required -def list_transactions(page): - sqlquery = Transaction.query.order_by(Transaction.date_created.desc()).paginate(page, current_app.config['ITEMS_PER_PAGE'], error_out=False) - return render_template('admin/list_transactions.html', transactions=sqlquery.items, page=page) - -@admin.route("/transaction/", methods=['GET']) -@fresh_login_required -@admin_required -def transaction(user_pid=0): - cuser = User.query.filter_by(pid=user_pid).first() - transactions = cuser.inv_transactions.order_by(Transaction.date_created.desc()).limit(20) - - labelslist = ['today'] - translist = [cuser.wallet] - prevvalue = cuser.wallet - for tr in transactions: - labelslist.insert(0, str(tr.date_created.strftime('%d.%m'))) - translist.insert(0, prevvalue - tr.value) - prevvalue -= tr.value - - if len(labelslist) <= 1: - labelslist.insert(0, 'before') - translist.insert(0, 0) - - #current_app.logger.info('[{}] transactions: {} {} '.format(cuser.email, translist, labelslist)) - return render_template('uinvoice/transactions.html', transactions=transactions, translist=translist, labelslist=labelslist, cuser=cuser) - +def list_items(): + allservices = Item.query.order_by(Item.date_created.asc()).all() + return render_template('admin/list_items.html', items=allitems) \ No newline at end of file 
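Review bot: In the new `list_items()` view the query result is bound to `allservices`, but the template call passes `items=allitems`, a name that is never defined, so every request to `/listitems` raises NameError and ends in a 500. Rename the assignment so the two agree: `allitems = Item.query.order_by(Item.date_created.asc()).all()`. Unlike `list_users` just above it, the query is also unbounded (`.all()`), so the admin page grows with the table; the same `paginate(page, current_app.config['ITEMS_PER_PAGE'], error_out=False)` pattern would keep it bounded.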
diff --git a/flask/forest/auth/routes.py b/flask/forest/auth/routes.py index 5d76713..9c6f94b 100644 --- a/flask/forest/auth/routes.py +++ b/flask/forest/auth/routes.py @@ -3,9 +3,9 @@ from flask_login import login_required, login_user, logout_user, current_user from . import auth from .. import db -from ..models import User, Transaction +from ..models import User from ..email import send_email -from .forms import LoginForm, TwoFAForm, RegistrationForm, ChangePasswordForm,PasswordResetRequestForm, PasswordResetForm +from .forms import LoginForm, TwoFAForm, RegistrationForm, ChangePasswordForm, PasswordResetRequestForm, PasswordResetForm from ..decorators import admin_required, permission_required from io import BytesIO @@ -148,9 +148,6 @@ def register(): user = User(email=form.email.data, password=form.password.data, wallet=current_app.config['REGISTER_BONUS']) db.session.add(user) db.session.commit() - #transaction = Transaction(user_id=int(user.pid), description='Registered account bonus', value=current_app.config['REGISTER_BONUS']) - #db.session.add(transaction) - #db.session.commit() token = user.generate_confirmation_token() send_email(user.email, 'Потвърдете Вашата регистрация', 'auth/email/confirm', user=user, token=token) #notify admin diff --git a/flask/forest/main/forms.py b/flask/forest/main/forms.py index 3df748f..bb679e3 100644 --- a/flask/forest/main/forms.py +++ b/flask/forest/main/forms.py @@ -5,7 +5,6 @@ from wtforms import validators, ValidationError from wtforms.fields import EmailField from ..models import User - class LoginForm(FlaskForm): email = EmailField('', [validators.DataRequired(), validators.Length(1,64), validators.Email()], render_kw={"placeholder": "username"}) password = PasswordField('', [validators.DataRequired(), validators.Length(1,128)], render_kw={"placeholder": "password"}) 
@@ -23,4 +22,4 @@ class RegistrationForm(FlaskForm): accept_tos = BooleanField('I accept the Terms of Service', [validators.DataRequired()]) recaptcha = RecaptchaField() submit = SubmitField('REGISTER') - + \ No newline at end of file diff --git a/flask/forest/main/routes.py b/flask/forest/main/routes.py index c3923e5..d57c0a2 100644 --- a/flask/forest/main/routes.py +++ b/flask/forest/main/routes.py @@ -6,7 +6,7 @@ from . import main from .forms import LoginForm, RegistrationForm from .. import db from ..email import send_email -from ..models import User, Permission, Server, Deployment, Service, Region, Address, Domain, contact_proxmaster +from ..models import User, Permission, Item import base64 @@ -24,39 +24,10 @@ def index(): allservers = Server.query.filter_by(enabled=True) return render_template('main/index.html', servers=allservers, form=form) -@main.route("/chat", methods=['GET']) -def chat(): - return render_template('main/livechat.html') - -#@main.route("/aboutus", methods=['GET']) -#def about(): -# return render_template('main/aboutus.html') - -@main.route('/domaincheck', methods=['GET']) -def domaincheck(): - return render_template('main/domaincheck.html') +@main.route("/aboutus", methods=['GET']) +def about(): + return render_template('main/aboutus.html') @main.route("/terms", methods=['GET']) def terms(): return render_template('main/terms.html') - -#APP STORE -@main.route('/market/', methods=['GET']) -@login_required -def market(group_id=0): - page = { 'title': 'Market' } - allproducts = Product.get_products() - allgroups = current_app.config['GROUPS'] - - if group_id == 0: - return render_template('main/market.html', groups=allgroups, products=allproducts) - - filtered_products = {} - for key, value in allproducts.items(): - if value['group'] == group_id: - filtered_products[key] = value - - if filtered_products == {}: - abort(404) - return render_template('main/marketgroup.html', groupname=allgroups[group_id], products=filtered_products) - 
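Review bot: `index()` in flask/forest/main/routes.py still runs `allservers = Server.query.filter_by(enabled=True)` (a context line in the second hunk), while the first hunk narrows the import to `from ..models import User, Permission, Item`. Unless `Server` is brought into scope somewhere else in the file, the landing page will raise NameError on every request. Either keep `Server` in the import list or move `index()` to the new `Item` model in the same commit. The body of `index()` begins outside the hunk, so the rest of the function was not reviewed.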
diff --git a/flask/forest/panel/routes.py b/flask/forest/panel/routes.py index 6851e5b..42e1d44 100644 --- a/flask/forest/panel/routes.py +++ b/flask/forest/panel/routes.py @@ -6,7 +6,7 @@ from . import panel from .forms import OrderForm, MessageForm from .. import db from ..email import send_email -from ..models import User, Permission, Recipe, Order, Server, Deployment, Service, Region, Address, Domain, SupportTopic, SupportLine, contact_proxmaster +from ..models import User, Permission, Item import base64 from datetime import date, time, datetime 
@@ -19,147 +19,39 @@ def after_request(response): current_app.logger.warning('Slow query: %s\nParameters: %s\nDuration: %fs\nContext: %s\n' % (query.statement, query.parameters, query.duration, query.context)) return response -@panel.route("/deploy", methods=['GET', 'POST']) -@login_required -def deploy(): - if current_user.name is None: - return redirect(url_for('settings.profile')) - - form = OrderForm() - if form.validate_on_submit(): - region = Region.query.filter_by(pid=int(form.region.data)).first() - recipe = Recipe.query.filter_by(pid=int(form.recipe.data)).first() - new_order = Order(user_id=int(current_user.pid), region_id=int(region.pid), recipe_id=int(recipe.pid), parameter1=str(form.alias.data), parameter2=str(form.cpu.data), parameter3=str(form.memory.data), parameter4=str(form.storage.data), status='new') - db.session.add(new_order) - db.session.commit() - send_email(current_app.config['MAIL_USERNAME'], 'New order from {}'.format(current_user.email), - 'panel/email/adm_neworder', user=current_user) - return redirect(request.args.get('next') or url_for('panel.dashboard')) - - return render_template('panel/deploy.html', form=form) +#@panel.route("/deploy", methods=['GET', 'POST']) +#@login_required +#def deploy(): +# if current_user.name is None: +# return redirect(url_for('settings.profile')) +# +# form = OrderForm() +# if form.validate_on_submit(): +# region = Region.query.filter_by(pid=int(form.region.data)).first() +# recipe = Recipe.query.filter_by(pid=int(form.recipe.data)).first() +# new_order = Order(user_id=int(current_user.pid), region_id=int(region.pid), recipe_id=int(recipe.pid), parameter1=str(form.alias.data), parameter2=str(form.cpu.data), parameter3=str(form.memory.data), parameter4=str(form.storage.data), status='new') +# db.session.add(new_order) +# db.session.commit() +# send_email(current_app.config['MAIL_USERNAME'], 'New order from {}'.format(current_user.email), +# 'panel/email/adm_neworder', user=current_user) +# return 
redirect(request.args.get('next') or url_for('panel.dashboard')) +# +# return render_template('panel/deploy.html', form=form) #DASHBOARD @panel.route("/dashboard", defaults={'user_pid': 0}, methods=['GET']) @panel.route("/dashboard/", methods=['GET']) @login_required def dashboard(user_pid): - sys_regions = Region.query.all() - if user_pid == 0: cuser = current_user else: - cuser = User.query.filter_by(pid=user_pid).first() + cuser = User.query.filter_by(id=user_pid).first() if cuser == None: abort(404) if not current_user.is_administrator(): - abort(404) #hidden 403 - - inv_addresses = cuser.inv_addresses.order_by(Address.ip.asc()).all() - inv_deployments = cuser.inv_deployments.filter_by(deleted=False).order_by(Deployment.machine_alias.asc()).all() - regions = {} - for region in sys_regions: - regions[region.pid] = region.description - - inv_deploycubeids = [] - warnflag = False - for invcls in inv_deployments: - if invcls.user_id == cuser.pid: - inv_deploycubeids.extend([invcls.machine_id]) - #warning detector - if invcls.warning == True or invcls.enabled == False: - warnflag = True + abort(403) - inv_services = cuser.inv_services.filter_by(deleted=False).order_by(Service.date_last_charge.asc()).all() - inv_domains = cuser.inv_domains.filter_by(deleted=False).order_by(Domain.date_created.desc()).all() - - #extract rrd and status from the deployments - rrd = {} - statuses = {} - #current_app.logger.warning(str(inv_deploycubeids)) - for unit_id in inv_deploycubeids: - data = { 'unit_id': int(unit_id), - 'type': 'kvm' } - try: - query = contact_proxmaster(data, 'vmrrd') - graphs_list = ['net', 'cpu', 'mem', 'hdd'] - rrd[unit_id] = {} - for graph in graphs_list: - raw = query[graph]['image'].encode('raw_unicode_escape') - rrd[unit_id][graph] = base64.b64encode(raw).decode() - status = { unit_id : query['status'] } - statuses.update(status) - except Exception as e: - current_app.logger.error(e) - for invcls in inv_deployments: - if invcls.machine_id == unit_id: - 
inv_deployments.remove(invcls) - flash('Support is notified about {}.'.format(str(cuser.inv_deployments.filter_by(machine_id=unit_id).first().machine_alias))) - if not current_user.is_administrator(): - send_email(current_app.config['MAIL_USERNAME'], '{} experienced an error'.format(cuser.email), 'vmanager/email/adm_unreachable', user=current_user, unit_id=unit_id, error=repr(e)) - continue - supportform = MessageForm() - return render_template('panel/dashboard.html', sys_regions=sys_regions, inv_deployments=inv_deployments, inv_services=inv_services, inv_domains=inv_domains, inv_addresses=inv_addresses, rrd=rrd, status=statuses, warnflag=warnflag, regions=regions, form=supportform) - - -#SUPPORT -@panel.route("/list", methods=['GET']) -@login_required -def support_list(): - """ general enquiry and list all open support tasks """ - cuser = current_user - form = MessageForm() - - alltopics = cuser.inv_topics.all() - return render_template('panel/support_list.html', form=form, inv_topics=alltopics) - -@panel.route("/topic//", methods=['GET', 'POST']) -@login_required -def support(topic): - """ block item for support chatbox. invoked from vdc_pool or supportlist """ - cuser = current_user - form = MessageForm() - - if request.method == "GET": - support_topic = SupportTopic.query.filter_by(hashtag=str(topic)).first() - if support_topic == None: - class EmptySupport(): - hashtag=str(topic) - timestamp=datetime.utcnow() - support_topic = EmptySupport() - return render_template('panel/support_item.html', form=form, support=support_topic) - else: - if support_topic.user_id != cuser.pid: - abort(403) #TODO: hidden 403. there is a topic like that but its not yours! - else: - #topic is yours. show it. - return render_template('panel/support_item.html', form=form, support=support_topic) - - if request.method == "POST" and form.validate_on_submit(): - support_topic = SupportTopic.query.filter_by(hashtag=str(topic)).first() - if support_topic == None: - #no topic. create one? 
- if cuser.inv_topics.all() != []: - #check if other topics exist, and ratelimit - last_topic = cuser.inv_topics.order_by(SupportTopic.timestamp.desc()).first() - now = datetime.utcnow() - time_last_topic = last_topic.timestamp - expiry = time_last_topic + relativedelta(time_last_topic, minutes=+5) - if now < expiry: - flash('ratelimit. try again later') - return redirect(url_for('panel.support_list')) - #create new topic - new_topic = SupportTopic(user_id=cuser.pid, hashtag=str(topic)) - db.session.add(new_topic) - new_line = SupportLine(topic_id=new_topic.pid, line=str(form.line.data)) - db.session.add(new_line) - - else: - if support_topic.user_id == cuser.pid: - new_line = SupportLine(topic_id=support_topic.pid, line=form.line.data) - db.session.add(new_line) - else: - abort(403) #TODO: hidden 404 - - db.session.commit() - return redirect(url_for('panel.support_list')) + inv_items = cuser.inv_items.order_by(Item.date_created.asc()).all() + return render_template('panel/dashboard.html', inv_items=inv_items) diff --git a/flask/forest/settings/forms.py b/flask/forest/settings/forms.py index 0f7179b..77a7234 100644 --- a/flask/forest/settings/forms.py +++ b/flask/forest/settings/forms.py @@ -21,11 +21,6 @@ class EditProfileForm(FlaskForm): country = SelectField('Country:', choices=clist, default='BG') phone = StringField('Phone:') - org_account = BooleanField('This is a business account.') - org_companyname = StringField('Company Name:') - org_regaddress = StringField('Company Address:') - org_responsible = StringField('Accountable Person:') - org_vatnum = StringField('VAT Number:') twofactor = BooleanField('Enable 2-factor authentication') submit = SubmitField('Update') 
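Review bot: In `dashboard()` (flask/forest/panel/routes.py) replacing `abort(404) #hidden 403` with `abort(403)` undoes the masking the old comment described. The user lookup and its `abort(404)` run before the administrator check, so a non-admin caller now gets 404 for an unknown id and 403 for an existing one, which tells any logged-in user which user ids exist. Either keep returning 404 there, or authorize first so the response does not depend on whether the row exists: put `if not current_user.is_administrator(): abort(403)` ahead of `User.query.filter_by(id=user_pid).first()`. The lookup key also changes from `pid` to `id`; the model is not part of this diff, so confirm the column was renamed. Indentation is lost on this page, so the nesting of the admin check under the `else` branch is inferred.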
@@ -45,11 +40,6 @@ class EditProfileAdminForm(FlaskForm): country = SelectField('Държава:', choices=clist) phone = DecimalField('Телефон:', [validators.DataRequired()]) - org_account = BooleanField('This is a business account') - org_companyname = StringField('Company Name:') - org_regaddress = StringField('Company Address:') - org_responsible = StringField('Primary Contact:') - org_vatnum = StringField('ДДС Номер:') twofactor = BooleanField('2-factor authentication') submit = SubmitField('Обнови') diff --git a/flask/forest/settings/routes.py b/flask/forest/settings/routes.py index aa710e7..a7224d5 100644 --- a/flask/forest/settings/routes.py +++ b/flask/forest/settings/routes.py @@ -23,11 +23,6 @@ def profile(): current_user.postcode = form.postcode.data current_user.country = form.country.data current_user.phone = form.phone.data - current_user.org_account = form.org_account.data - current_user.org_companyname = form.org_companyname.data - current_user.org_regaddress = form.org_regaddress.data - current_user.org_responsible = form.org_responsible.data - current_user.org_vatnum = form.org_vatnum.data current_user.twofactor = form.twofactor.data db.session.add(current_user) db.session.commit() 
@@ -39,15 +34,10 @@ def profile(): form.postcode.data = current_user.postcode form.country.data = current_user.country form.phone.data = current_user.phone - form.org_account.data = current_user.org_account - form.org_companyname.data = current_user.org_companyname - form.org_regaddress.data = current_user.org_regaddress - form.org_responsible.data = current_user.org_responsible - form.org_vatnum.data = current_user.org_vatnum form.twofactor.data = current_user.twofactor wallet = "%.2f" % round(current_user.wallet, 3) #current_app.logger.info('[{}] wallet: {}'.format(current_user.email, wallet)) - return render_template('settings/profile.html', page=page, form=form, wallet=wallet, cuser=current_user) + return render_template('settings/profile.html', page=page, form=form, cuser=current_user) diff --git a/flask/forest/static/hello.txt b/flask/forest/static/hello.txt deleted file mode 100644 index 32aad8c..0000000 --- a/flask/forest/static/hello.txt +++ /dev/null @@ -1 +0,0 @@ -hi! diff --git a/flask/forest/templates/admin/list_items.html b/flask/forest/templates/admin/list_items.html new file mode 100644 index 0000000..8640199 --- /dev/null +++ b/flask/forest/templates/admin/list_items.html @@ -0,0 +1,48 @@ +{% extends "base.html" %} + +{% block styles %} +{{ super() }} + +{% endblock %} + +{% block page_content %} +
+ {% include "admin/admin_tasks.html" %} + +
+
+
Items
+

+

+ + + + + + + + + + + {% for item in items %} + {% endif %} + {% endif %} + + + + + + {% endfor %} + +
OwnerKeyDescriptionData Created
{{ item.owner.email }}{{ item.key }}{{ item.description }}{{ moment(item.date_created).format('lll') }}
+
+
+
+ + +
+
+
+ +{% endblock %} +
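Review bot: Inside the `{% for item in items %}` loop of the new admin/list_items.html there are two `{% endif %}` tags with no `{% if %}` visible anywhere in the added file. If the opening tags are really absent, and not just lost in this rendering of the markup, Jinja raises TemplateSyntaxError at load time and the admin items page can never render. Remove both `{% endif %}` lines or restore the conditions they were meant to close. The last column header reads `Data Created` while the cell prints `item.date_created`, so it presumably should be `Date Created`.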